sa-update fails: permission denied on config directory
Hi, I'm seeing an error when the cron job under Debian runs for SA 3.4.0. I get this error from the cron job: /etc/cron.daily/spamassassin: config: no configuration text or files found! do you need to run 'sa-update'? Timeout::_run: check: no loaded plugin implements 'check_main': cannot scan! Check the necessary '.pre' files are in the config directory. sa-update failed for unknown reasons To investigate further, I ran su debian-spamd -c 'sa-update -D --gpghomedir /var/lib/spamassassin/sa-update-keys': Jul 28 10:07:18.922 [30562] dbg: logger: adding facilities: all Jul 28 10:07:18.922 [30562] dbg: logger: logging level is DBG Jul 28 10:07:18.922 [30562] dbg: generic: SpamAssassin version 3.4.0 Jul 28 10:07:18.923 [30562] dbg: generic: Perl 5.014002, PREFIX=/usr, DEF_RULES_DIR=/usr/share/spamassassin, LOCAL_RULES_DIR=/etc/mail/spamassassin, LOCAL_STATE_DIR=/var/lib/spamassassin Jul 28 10:07:18.923 [30562] dbg: config: timing enabled Jul 28 10:07:18.923 [30562] dbg: config: score set 0 chosen. Jul 28 10:07:18.928 [30562] dbg: generic: sa-update version svn1475932 Jul 28 10:07:18.928 [30562] dbg: generic: using update directory: /var/lib/spamassassin/3.004000 Jul 28 10:07:19.063 [30562] dbg: diag: perl platform: 5.014002 linux Jul 28 10:07:19.063 [30562] dbg: diag: [...] module installed: Digest::SHA1, version 2.13 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: HTML::Parser, version 3.71 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: Net::DNS, version 0.77 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: NetAddr::IP, version 4.075 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: Time::HiRes, version 1.9726 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: Archive::Tar, version 2.00 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: IO::Zlib, version 1.10 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: Digest::SHA1, version 2.13 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: MIME::Base64, version 3.14 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: DB_File, version 1.821 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: Net::SMTP, version 2.34 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: Mail::SPF, version v2.008 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Geo::IP, version 1.43 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Razor2::Client::Agent, version 2.84 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module not installed: IO::Socket::IP ('require' failed) Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: IO::Socket::INET6, version 2.69 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: IO::Socket::SSL, version 1.76 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Compress::Zlib, version 2.064 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Mail::DKIM, version 0.39 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: DBI, version 1.631 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Getopt::Long, version 2.42 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: LWP::UserAgent, version 6.04 Jul 28 10:07:19.067 [30562] dbg: diag: [...] module installed: HTTP::Date, version 6.02 Jul 28 10:07:19.067 [30562] dbg: diag: [...] module not installed: Encode::Detect ('require' failed) Jul 28 10:07:19.067 [30562] dbg: diag: [...] module not installed: Net::Patricia ('require' failed) Jul 28 10:07:19.068 [30562] dbg: gpg: Searching for 'gpg' Jul 28 10:07:19.068 [30562] dbg: util: current PATH is: /usr/local/bin:/usr/bin:/bin:/usr/games Jul 28 10:07:19.069 [30562] dbg: util: executable for gpg was found at /usr/bin/gpg Jul 28 10:07:19.069 [30562] dbg: gpg: found /usr/bin/gpg Jul 28 10:07:19.069 [30562] dbg: gpg: release trusted key id list: 5E541DC959CB8BAC7C78DFDC4056A61A5244EC45 0C2B1D7175B852C64B3CDC716C55397824F434CE Jul 28 10:07:19.069 [30562] dbg: channel: attempting channel updates.spamassassin.org Jul 28 10:07:19.070 [30562] dbg: channel: using existing directory /var/lib/spamassassin/3.004000/updates_spamassassin_org Jul 28 10:07:19.070 [30562] dbg: channel: channel cf file /var/lib/spamassassin/3.004000/updates_spamassassin_org.cf Jul 28 10:07:19.070 [30562] dbg: channel: channel pre file /var/lib/spamassassin/3.004000/updates_spamassassin_org.pre Jul 28 10:07:19.070 [30562] dbg: channel: metadata version = 1613581, from file /var/lib/spamassassin/3.004000/updates_spamassassin_org.cf Jul 28 10:07:19.093 [30562] dbg: dns: 0.4.3.updates.spamassassin.org = 1613764, parsed as 1613764 Jul 28 10:07:19.093 [30562] dbg: channel: preparing temp directory for new channel Jul 28 10:07:19.093 [30562] dbg: channel: created tmp directory /tmp/.spamassassin30562IqBrJ4tmp Jul 28 10:07:19.093 [30562] dbg: generic: lint checking site pre files once before attempting channel updates Jul 28
Ready to throw in the towel on email providing...
Hi All, Just lost another one, dammit. Small company with about 6 mailboxes who some consultant gave them a song and dance about how Gmail's such a better mail service since they don't get any spam No it's not going to break us. But this is what I see happening. SpamAssassin for us filters probably about 80% of the spam out of the box, doing nothing other than using defaults. If the users feed the learner, it's even better. But, the spam is coming in at such a tremendously high volume now that when a user account gets 5,000 pieces of mail a day, all of it except for maybe 5 pieces of mail are NOT spam, even at 99% effectiveness, the user is STILL getting 50 pieces of spam in a day that SpamAssassin misses, compared to their 5 pieces of ham mail. they don't see the 4,950 pieces of mail we deleted for them. They just see the 50 pieces that got past, compared to their 5 legitimate pieces. So naturally the users figure we are rat bastards who aren't doing a good job filtering. So they setup a test account at Google and try it out for a month Of course, the account gets very little spam. Why would it otherwise? It's brand new. It hasn't had a chance to be disseminated to all of the mailing lists, the websites, the other coorespondents's computers of theirs that get hit by harvesting viruses. Their ignorance then reinforces their invalid perception and then they figure we are liars. So they move their domain. A year later, when Gmail is doing the same thing to them, they finally figure out it's not the provider, its the spammers and oh boy maybe we weren't lying after all. But, it's a lot of work to shift back to us, so why bother if all the mail services are the same way? So they are gone, permanently, never to return. We have tried educating them. But spamfighting today is complex. If you explain it completely and they understand the explanation and believe you, they give up hope because they realize that just hitting the delete button on those 50 pieces of spam is easier than shifting their poor email behaviors that got them into the mess in the first place. But then a month later the complex explanation is forgotten and they are once more vulnerable to any snake oil sales consultant selling them gmail. But most of them don't understand anyway. And if you just try to dumb down the explanation it starts making no sense at all very quickly. What do other people do? Or are we just going to end up with an Internet in about 10 years where every single email box is either on Microsoft 365 or Gmail and the NSA has a wonderful interface to use to hunt through whatever they want without bothering with a warrant? And to add insult to injury - this small company is a dental office - subject to HIPAA - and Gmail is not (and has stated they will not) be HIPAA complaint. We are! Ted --- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com
Re: Ready to throw in the towel on email providing...
I definitely appreciate your rant and your point of view. Sadly, until SMTP is rewritten and we're not using protocols on the Internet that have been based on very very old code and then just patched and updated ad infinitum, there isn't a sure fire solution. More patches, more fixes, more filters, more overhead, more wasted CPU time and bandwidth. There's plenty who won't agree with my point of view and think of it as unrealistic, but that's just the way opinions go. :) Independent email providers will never have the resources of conglomerates. We have the security and the ability to guarantee data control, delivery and confidentiality, but as far as SPAM filtering and other time and resource intensive things go, we'll never compete at the same level. Keep on keepin' on. On 07/28/2014 10:10 AM, Ted Mittelstaedt wrote: Hi All, Just lost another one, dammit. Small company with about 6 mailboxes who some consultant gave them a song and dance about how Gmail's such a better mail service since they don't get any spam No it's not going to break us. But this is what I see happening. SpamAssassin for us filters probably about 80% of the spam out of the box, doing nothing other than using defaults. If the users feed the learner, it's even better. But, the spam is coming in at such a tremendously high volume now that when a user account gets 5,000 pieces of mail a day, all of it except for maybe 5 pieces of mail are NOT spam, even at 99% effectiveness, the user is STILL getting 50 pieces of spam in a day that SpamAssassin misses, compared to their 5 pieces of ham mail. they don't see the 4,950 pieces of mail we deleted for them. They just see the 50 pieces that got past, compared to their 5 legitimate pieces. So naturally the users figure we are rat bastards who aren't doing a good job filtering. So they setup a test account at Google and try it out for a month Of course, the account gets very little spam. Why would it otherwise? It's brand new. It hasn't had a chance to be disseminated to all of the mailing lists, the websites, the other coorespondents's computers of theirs that get hit by harvesting viruses. Their ignorance then reinforces their invalid perception and then they figure we are liars. So they move their domain. A year later, when Gmail is doing the same thing to them, they finally figure out it's not the provider, its the spammers and oh boy maybe we weren't lying after all. But, it's a lot of work to shift back to us, so why bother if all the mail services are the same way? So they are gone, permanently, never to return. We have tried educating them. But spamfighting today is complex. If you explain it completely and they understand the explanation and believe you, they give up hope because they realize that just hitting the delete button on those 50 pieces of spam is easier than shifting their poor email behaviors that got them into the mess in the first place. But then a month later the complex explanation is forgotten and they are once more vulnerable to any snake oil sales consultant selling them gmail. But most of them don't understand anyway. And if you just try to dumb down the explanation it starts making no sense at all very quickly. What do other people do? Or are we just going to end up with an Internet in about 10 years where every single email box is either on Microsoft 365 or Gmail and the NSA has a wonderful interface to use to hunt through whatever they want without bothering with a warrant? And to add insult to injury - this small company is a dental office - subject to HIPAA - and Gmail is not (and has stated they will not) be HIPAA complaint. We are! Ted --- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com -- . === -- - -- - - -- - ---. | Nate Metheny IT Group Leader | | Santa Fe Institute office 505.946.2730 | | cell 505.930.9390 fax 505.982.0565 | | http://www.santafe.edu n...@santafe.edu | `--- - -- ---- - = == ===' smime.p7s Description: S/MIME Cryptographic Signature
RE: Ready to throw in the towel on email providing...
I think it goes a little deeper, too. I just went to Postfix-Spamassassin-Amavis setup as a front-end for Exchange because I had a Sonicwall ES300 for two years and it didn't even work as well as this new setup. Exchange filtration is a joke. I paid $2,000 for two years of service on the junky ES300 for 100 users and EVERYONE complained about its lack of effectiveness for two solid years. I feel your pain but to be honest, I've paid more and received way less. I hope your clients get to be as understanding as mine. There's no perfect solution, unless you hire staff to maintain it around the clock and even then it's only as good as the attention that's paid to it. Spammer hire staff in foreign countries to format emails until they get around the filters. Many of them BUY the filters and bounce emails against them until they get through and THEN send them out. We are always going to be fighting an uphill battle with spam as long as a computer is attached to the internet. Greg Ledford PHHW Technology Services LLC 1000 Corporate Centre Dr, Ste 200 Franklin, TN 37067 Office (615) 778-1777 Cell (615) 403-6989 Fax (615) 771-0081 Email gledf...@phhwtechnology.com -Original Message- From: Nate Metheny [mailto:n...@santafe.edu] Sent: Monday, July 28, 2014 11:30 AM To: users@spamassassin.apache.org Subject: Re: Ready to throw in the towel on email providing... I definitely appreciate your rant and your point of view. Sadly, until SMTP is rewritten and we're not using protocols on the Internet that have been based on very very old code and then just patched and updated ad infinitum, there isn't a sure fire solution. More patches, more fixes, more filters, more overhead, more wasted CPU time and bandwidth. There's plenty who won't agree with my point of view and think of it as unrealistic, but that's just the way opinions go. :) Independent email providers will never have the resources of conglomerates. We have the security and the ability to guarantee data control, delivery and confidentiality, but as far as SPAM filtering and other time and resource intensive things go, we'll never compete at the same level. Keep on keepin' on. On 07/28/2014 10:10 AM, Ted Mittelstaedt wrote: Hi All, Just lost another one, dammit. Small company with about 6 mailboxes who some consultant gave them a song and dance about how Gmail's such a better mail service since they don't get any spam No it's not going to break us. But this is what I see happening. SpamAssassin for us filters probably about 80% of the spam out of the box, doing nothing other than using defaults. If the users feed the learner, it's even better. But, the spam is coming in at such a tremendously high volume now that when a user account gets 5,000 pieces of mail a day, all of it except for maybe 5 pieces of mail are NOT spam, even at 99% effectiveness, the user is STILL getting 50 pieces of spam in a day that SpamAssassin misses, compared to their 5 pieces of ham mail. they don't see the 4,950 pieces of mail we deleted for them. They just see the 50 pieces that got past, compared to their 5 legitimate pieces. So naturally the users figure we are rat bastards who aren't doing a good job filtering. So they setup a test account at Google and try it out for a month Of course, the account gets very little spam. Why would it otherwise? It's brand new. It hasn't had a chance to be disseminated to all of the mailing lists, the websites, the other coorespondents's computers of theirs that get hit by harvesting viruses. Their ignorance then reinforces their invalid perception and then they figure we are liars. So they move their domain. A year later, when Gmail is doing the same thing to them, they finally figure out it's not the provider, its the spammers and oh boy maybe we weren't lying after all. But, it's a lot of work to shift back to us, so why bother if all the mail services are the same way? So they are gone, permanently, never to return. We have tried educating them. But spamfighting today is complex. If you explain it completely and they understand the explanation and believe you, they give up hope because they realize that just hitting the delete button on those 50 pieces of spam is easier than shifting their poor email behaviors that got them into the mess in the first place. But then a month later the complex explanation is forgotten and they are once more vulnerable to any snake oil sales consultant selling them gmail. But most of them don't understand anyway. And if you just try to dumb down the explanation it starts making no sense at all very quickly. What do other people do? Or are we just going to end up with an Internet in about 10 years where every single email box is either on Microsoft 365 or Gmail and the NSA has a wonderful interface to use to hunt through whatever they want without bothering with a
Re: Ready to throw in the towel on email providing...
On 7/28/2014 12:10 PM, Ted Mittelstaedt wrote: Small company with about 6 mailboxes who some consultant gave them a song and dance about how Gmail's such a better mail service since they don't get any spam Ted, fwiw, I had a situation last year where a friend (not one of my own clients) called me up asking me about a situation where legit hand-typed messages to their paid business-class gmail service... were getting blocked. So I ask, why are you asking me, ask gmail! He responded by saying that they are a paid business class gmail user, sending from their own domain name... and when he called his paid support line at google (again, this isn't the regular free gmail)... the tech support consultant was not able to lift a finger to help them. No research.. no SMTP logs... nothing. The paid subscriber was told that there must be some kind of problem... you'll have to wait this out In contrast, if one of my mail hosting clients reports that a hand-typed message to them is blocked, i get the details about the message and search through the SMTP logs, and report back to them exactly what happened and fix it if it were something controllable on my end. (usually there is a more innocent explanation, like the sender making a typo in the e-mail address, etc)... but I first ASSUME it is my problem... THEN research it.. then give the client ANSWERS and SOLUTIONS. PLEASE correct me if I'm wrong as my example above is anecdotal.. but from what I understand, Google doesn't provide ANSWERS and SOLUTIONS for situations like this. You just get excuses and delays. Maybe Google has improved since then?... or maybe my report is not accurate (but it came to me first hand from a trustworthy source). Definately double check this. If you can verify that this is true (and continues to be true)... then use this info as a rebuttal the next time you have a client talk about leaving you for gmail. -- Rob McEwen +1 (478) 475-9032
RE: Ready to throw in the towel on email providing...
On Mon, 28 Jul 2014, Greg Ledford wrote: Spammer hire staff in foreign countries to format emails until they get around the filters. Many of them BUY the filters and bounce emails against them until they get through and THEN send them out. The only thing that evolves faster than bacteria is spammers. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- When people get used to preferential treatment, equal treatment seems like discrimination. -- Thomas Sowell --- 8 days until the 279th anniversary of John Peter Zenger's acquittal
Re: Ready to throw in the towel on email providing...
On Mon, 28 Jul 2014 09:10:40 -0700 Ted Mittelstaedt t...@ipinc.net wrote: Or are we just going to end up with an Internet in about 10 years where every single email box is either on Microsoft 365 or Gmail and the NSA has a wonderful interface to use to hunt through whatever they want without bothering with a warrant? I don't think every single mailbox will be like that, but sadly a lot will. A number of things are conspiring to cause this: 1) Gmail is actually pretty good at filtering spam. I can't speak for MSFT since I don't use it. 2) Especially in North America, companies are short-sighted and go for quick fixes and things that look cheap up-front without considering the long-term costs. 3) Especially in North America, people don't see the value in learning technology. They want simple, spoon-fed solutions and they love the word oursourcing. Sorry if (2) and (3) are not PC, but the slag against North Americans is based on my personal experience. :) And hey, I'm Canadian so I can dis my own crowd... 4) Most non-technical small businesses equate Mail Server with Microsoft Exchange, and Microsoft has steadily been making Exchange more and more of a PITA to administer. Each new version of Exchange breaks things and requires learning new procedures. Combine that with (3) and we see that MSFT is using on-premise Exchange as a trojan horse to get people on O-365. The huge pool of managed service providers that recommend MSFT solutions is by-and-large staffed by incompetents who are only too happy to shove their customers onto O-365 and collect kickbacks every month. We will be left in a niche market with people who really understand the value of controlling their own email. It'll be a much smaller market, but (I hope) a more discerning and intelligent one. Regards, David.
Re: Ready to throw in the towel on email providing...
On Mon, 28 Jul 2014 12:49:24 -0400 Rob McEwen r...@invaluement.com wrote: PLEASE correct me if I'm wrong as my example above is anecdotal.. but from what I understand, Google doesn't provide ANSWERS and SOLUTIONS for situations like this. You just get excuses and delays. That has been my experience too. We had a customer who had problems emailing someone and once we determined that Google was blocking the mail, my customer gave up. He said there's no point in bothering to contact Google; he just phoned the original recipient instead. If you can verify that this is true (and continues to be true)... then use this info as a rebuttal the next time you have a client talk about leaving you for gmail. Unfortunately, people usually only care about crappy support and service after it's too late. You might win back some ex-Google customers, but it's really hard to stem the tide beforehand. Regards, David.
RE: Ready to throw in the towel on email providing...
-Original Message- From: John Hardin [mailto:jhar...@impsec.org] Sent: 2014-07-28 12:55 To: users@spamassassin.apache.org Subject: RE: Ready to throw in the towel on email providing... On Mon, 28 Jul 2014, Greg Ledford wrote: The only thing that evolves faster than bacteria is spammers. I've just about stopped trying to fight them. I write local rules maybe once every 2 weeks. I'm so tired of users complaining they get Tons of spam which turns out to be 4. Yeah... 4. I stop so much and users are never satisfied. It was a side project that turned into a hobby that turned into a pain in my butt. --Chris
Re: Ready to throw in the towel on email providing...
On Mon, Jul 28, 2014 at 6:10 PM, Ted Mittelstaedt t...@ipinc.net wrote: Just lost another one, dammit. Small company with about 6 mailboxes who some consultant gave them a song and dance about how Gmail's such a better mail service since they don't get any spam The trend towards email service providers for companies to host their mailboxes has been accelerating for about the past 6 to 12 months. I don't know whether there was any specific trigger (Exchange version upgrade-related, possibly?). At dnswl.org, we see a number of netranges going stale (ie, not being seen with live traffic any more for extended periods of time), and when we re-check we see that MX/SPF point to (largely) outlook.com or Google Mail (plus a long tail of other providers). SpamAssassin for us filters probably about 80% of the spam out of the box, doing nothing other than using defaults. Yes, SpamAssassin requires site- or customer-specific tuning. So does every other spamfilter. I run the domain for my family over Gmail, and while it's decent at filtering, it has a hard time coping with some of the more bizarre technical and list email I get :) 5 pieces of mail are NOT spam, even at 99% effectiveness, the user is STILL getting 50 pieces of spam in a day that SpamAssassin misses, compared to their 5 pieces of ham mail. It's not only the spam. It's also the viruses, the email archive, the eDiscovery, the mobile device integration, the version upgrades, the web access, the system administration, the email reputation management, the IPv6 migration, the squeeze on the IT budget and staffing, the service level requirements, ... you name it. Messaging has become complex and is more interconnected between various channels (instant messaging, presence awareness, voice, voice conferencing, video conferencing with screen sharing...). The market for specialised, dedicated and/or access-provider-bound mail services is definitely shrinking. It's not disappearing completely anytime soon, but some providers will have a hard time to retain meaningful economies of scale and are thus likely to leave that market. SpamAssassin is still an important and useful component in an overall setup. But it needs to be embedded in a full suite (and by that I do not mean just plumbing into the MTA of choice). What do other people do? Or are we just going to end up with an Internet in about 10 years where every single email box is either on Microsoft 365 or Gmail and the NSA has a wonderful interface to use to hunt through whatever they want without bothering with a warrant? The NSA argument does not really influence any purchase decision - or not any more than it did in pre-Snowden times. Large european customers who have an exposure to privacy-related risks did not and do not outsource to US providers given the poor legal and regulatory protection. The wave of revelations merely served to proof an already existing sentiment. -- Matthias
Re: Ready to throw in the towel on email providing...
On Mon, 28 Jul 2014, David F. Skoll wrote: Unfortunately, people usually only care about crappy support and service after it's too late. You might win back some ex-Google customers, but it's really hard to stem the tide beforehand. See if the people you won back are willing to talk about their experiences to the people considering leaving. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Gun Control is marketed to the public using the appealing delusion that violent criminals will obey the law. --- 8 days until the 279th anniversary of John Peter Zenger's acquittal
Re: Ready to throw in the towel on email providing...
On Mon, Jul 28, 2014 at 1:44 PM, John Hardin jhar...@impsec.org wrote: On Mon, 28 Jul 2014, David F. Skoll wrote: Unfortunately, people usually only care about crappy support and service after it's too late. You might win back some ex-Google customers, but it's really hard to stem the tide beforehand. I think there is also the tolerance level people have depending on who they are dealing with. If they are dealing with a smaller/local company, they expect 24/7 support and solutions for problems before said problems are even conceived. But, when dealing with a large corporation, they accept the fact they are just another customer in hundreds of thousands who should be glad they are given the time of the day. Hence the it is HP/Microsoft/IBM/Google/Apple shrug while throwing money at those companies. After all, a bigger company must be better than a smaller one, right? See if the people you won back are willing to talk about their experiences to the people considering leaving. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Gun Control is marketed to the public using the appealing delusion that violent criminals will obey the law. --- 8 days until the 279th anniversary of John Peter Zenger's acquittal
Re: Ready to throw in the towel on email providing...
On 7/28/2014 10:42 AM, Matthias Leisi wrote: On Mon, Jul 28, 2014 at 6:10 PM, Ted Mittelstaedtt...@ipinc.net wrote: Just lost another one, dammit. Small company with about 6 mailboxes who some consultant gave them a song and dance about how Gmail's such a better mail service since they don't get any spam The trend towards email service providers for companies to host their mailboxes has been accelerating for about the past 6 to 12 months. I don't know whether there was any specific trigger (Exchange version upgrade-related, possibly?). The specific trigger is in 2012 Microsoft announced SBS would be terminated. (SBS 2011) is the last. For a company to field exchange 2012 server for 5 people is about $20K. That is licensing, server hardware and expertise to put it together. Our other consultancy is a windows shop and we can roll these if anyone wants them. When SBS 2011 shipped you could do Exchange for 5 users for around $5K for the licensing and hardware and expertise. I'm not going to go into the technical changes Microsoft made in the new version of Exchange that tripled the costs, just trust me they are there. A couple years ago we sold around 6 exchange servers a year. Once MS graduated everyone to the new version of exchange, we haven't sold any. Sold SB Essentials but that's not Exchange. We also have some large companies and all of them are holding to exchange 2008 R2 for the same reasons. Microsoft is on service pack 3 rollup 7 on exchange 2008 R2. It is very much a trainwreck in the making for the large site licensees of Exchange and Microsoft. In fact we already rolled a complete drop-in Exchange replacement using Horde/IMP for one customer with about 100 employees who didn't want to upgrade from exchange 2003. We expect to do more of these. Microsoft will win in the end with upgrades to exchange server but it simply isn't going to make economic sense for anyone with 200 employees or lower. So they will win but it will be Pyrrhic since a chunk will bail completely and go to Linux. At dnswl.org, we see a number of netranges going stale (ie, not being seen with live traffic any more for extended periods of time), and when we re-check we see that MX/SPF point to (largely) outlook.com or Google Mail (plus a long tail of other providers). SpamAssassin for us filters probably about 80% of the spam out of the box, doing nothing other than using defaults. Yes, SpamAssassin requires site- or customer-specific tuning. So does every other spamfilter. I run the domain for my family over Gmail, and while it's decent at filtering, it has a hard time coping with some of the more bizarre technical and list email I get :) 5 pieces of mail are NOT spam, even at 99% effectiveness, the user is STILL getting 50 pieces of spam in a day that SpamAssassin misses, compared to their 5 pieces of ham mail. It's not only the spam. It's also the viruses, the email archive, the eDiscovery, the mobile device integration, the version upgrades, the web access, the system administration, the email reputation management, the IPv6 migration, the squeeze on the IT budget and staffing, the service level requirements, ... you name it. Ah, no. Everything other than the spam can be handled by OSS. But, spam is bad because the users bring it down on themselves by their own behavior. These are employees who go online and fill their work email address out on the online win an ipod fake contest websites. Because they know if they use their private address it will get spammed and they will have to do something about it. But hey they can use work email and it's someone elses problem to fix. Then bitch to their bosses that they are getting so much spam. Their bosses bitch to us because it doesn't even enter their mind that their employees would be wasting time on their break doing this crap online. Messaging has become complex and is more interconnected between various channels (instant messaging, presence awareness, voice, voice conferencing, video conferencing with screen sharing...). The market for specialised, dedicated and/or access-provider-bound mail services is definitely shrinking. It's not disappearing completely anytime soon, but some providers will have a hard time to retain meaningful economies of scale and are thus likely to leave that market. SpamAssassin is still an important and useful component in an overall setup. But it needs to be embedded in a full suite (and by that I do not mean just plumbing into the MTA of choice). The specifics is spam. Users believe administrators can just flick a switch and turn it off. Billions is wasted every year on scanning software that the vendors claim will just turn it off because the buyers actually believe that switch exists. Nothing you have said addresses this. You are droning on and on all of the sound bites people use to sell Cloud. Fine. Great. I know that. I'm Cloud. Gmail is Cloud. 365 is
Re: Ready to throw in the towel on email providing...
On 7/28/2014 10:56 AM, Mauricio Tavares wrote: On Mon, Jul 28, 2014 at 1:44 PM, John Hardinjhar...@impsec.org wrote: On Mon, 28 Jul 2014, David F. Skoll wrote: Unfortunately, people usually only care about crappy support and service after it's too late. You might win back some ex-Google customers, but it's really hard to stem the tide beforehand. I think there is also the tolerance level people have depending on who they are dealing with. If they are dealing with a smaller/local company, they expect 24/7 support and solutions for problems before said problems are even conceived. But, when dealing with a large corporation, they accept the fact they are just another customer in hundreds of thousands who should be glad they are given the time of the day. Hence the it is HP/Microsoft/IBM/Google/Apple shrug while throwing money at those companies. After all, a bigger company must be better than a smaller one, right? Except of course when it's MY product and industry, then the smaller company is definitely better (you were paying attention when I mentioned the company that left for the bigger is better provider is itself small - 6 boxes) After all do as I say not as I do, eh! Ted See if the people you won back are willing to talk about their experiences to the people considering leaving. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Gun Control is marketed to the public using the appealing delusion that violent criminals will obey the law. --- 8 days until the 279th anniversary of John Peter Zenger's acquittal --- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com
Re: Ready to throw in the towel on email providing...
Chris Santerre wrote: I've just about stopped trying to fight them. I write local rules maybe once every 2 weeks. I'm so tired of users complaining they get Tons of spam which turns out to be 4. Yeah... 4. I stop so much and users are never satisfied. It was a side project that turned into a hobby that turned into a pain in my butt. When I see this kind of complaint, I pull out two stats from the filter logs: 1) How much mail got tagged by SA on their account, per day, over the last week 2) How much mail got tagged by SA on my own staff account, per day, over the last week. 2) is almost always larger than 1), and 1) is, like you say, commonly pretty low. -kgd
Re: Ready to throw in the towel on email providing...
On Mon, 28 Jul 2014 15:31:17 -0400 Kris Deugau kdeu...@vianet.ca wrote: I'm so tired of users complaining they get Tons of spam which turns out to be 4. Yeah... 4. [...] When I see this kind of complaint, I pull out two stats from the filter logs: [...] I sometimes do a more dramatic demonstration: I turn off spam filtering for an hour. That usually stops the complaints. Regards, David.
Re: Ready to throw in the towel on email providing...
What you could do, is send a regular (weekly or monthly) spam report that tells your customers how many emails that were blocked vs the number of ham emails and other such statistics. That might get some to stay. On Jul 28, 2014 3:31 PM, Kris Deugau kdeu...@vianet.ca wrote: Chris Santerre wrote: I've just about stopped trying to fight them. I write local rules maybe once every 2 weeks. I'm so tired of users complaining they get Tons of spam which turns out to be 4. Yeah... 4. I stop so much and users are never satisfied. It was a side project that turned into a hobby that turned into a pain in my butt. When I see this kind of complaint, I pull out two stats from the filter logs: 1) How much mail got tagged by SA on their account, per day, over the last week 2) How much mail got tagged by SA on my own staff account, per day, over the last week. 2) is almost always larger than 1), and 1) is, like you say, commonly pretty low. -kgd
Re: sa-update fails: permission denied on config directory
You have a permissions issue and there is a plugin needed to run things that by default is enabled in per files. I would try disabling selinix and chmod 777 /etc/mail/spam assassin as a test. Regards, KAM Jeff Rice j...@jrice.me wrote: Hi, I'm seeing an error when the cron job under Debian runs for SA 3.4.0. I get this error from the cron job: /etc/cron.daily/spamassassin: config: no configuration text or files found! do you need to run 'sa-update'? Timeout::_run: check: no loaded plugin implements 'check_main': cannot scan! Check the necessary '.pre' files are in the config directory. sa-update failed for unknown reasons To investigate further, I ran su debian-spamd -c 'sa-update -D --gpghomedir /var/lib/spamassassin/sa-update-keys': Jul 28 10:07:18.922 [30562] dbg: logger: adding facilities: all Jul 28 10:07:18.922 [30562] dbg: logger: logging level is DBG Jul 28 10:07:18.922 [30562] dbg: generic: SpamAssassin version 3.4.0 Jul 28 10:07:18.923 [30562] dbg: generic: Perl 5.014002, PREFIX=/usr, DEF_RULES_DIR=/usr/share/spamassassin, LOCAL_RULES_DIR=/etc/mail/spamassassin, LOCAL_STATE_DIR=/var/lib/spamassassin Jul 28 10:07:18.923 [30562] dbg: config: timing enabled Jul 28 10:07:18.923 [30562] dbg: config: score set 0 chosen. Jul 28 10:07:18.928 [30562] dbg: generic: sa-update version svn1475932 Jul 28 10:07:18.928 [30562] dbg: generic: using update directory: /var/lib/spamassassin/3.004000 Jul 28 10:07:19.063 [30562] dbg: diag: perl platform: 5.014002 linux Jul 28 10:07:19.063 [30562] dbg: diag: [...] module installed: Digest::SHA1, version 2.13 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: HTML::Parser, version 3.71 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: Net::DNS, version 0.77 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: NetAddr::IP, version 4.075 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: Time::HiRes, version 1.9726 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: Archive::Tar, version 2.00 Jul 28 10:07:19.064 [30562] dbg: diag: [...] module installed: IO::Zlib, version 1.10 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: Digest::SHA1, version 2.13 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: MIME::Base64, version 3.14 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: DB_File, version 1.821 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: Net::SMTP, version 2.34 Jul 28 10:07:19.065 [30562] dbg: diag: [...] module installed: Mail::SPF, version v2.008 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Geo::IP, version 1.43 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Razor2::Client::Agent, version 2.84 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module not installed: IO::Socket::IP ('require' failed) Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: IO::Socket::INET6, version 2.69 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: IO::Socket::SSL, version 1.76 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Compress::Zlib, version 2.064 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Mail::DKIM, version 0.39 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: DBI, version 1.631 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: Getopt::Long, version 2.42 Jul 28 10:07:19.066 [30562] dbg: diag: [...] module installed: LWP::UserAgent, version 6.04 Jul 28 10:07:19.067 [30562] dbg: diag: [...] module installed: HTTP::Date, version 6.02 Jul 28 10:07:19.067 [30562] dbg: diag: [...] module not installed: Encode::Detect ('require' failed) Jul 28 10:07:19.067 [30562] dbg: diag: [...] module not installed: Net::Patricia ('require' failed) Jul 28 10:07:19.068 [30562] dbg: gpg: Searching for 'gpg' Jul 28 10:07:19.068 [30562] dbg: util: current PATH is: /usr/local/bin:/usr/bin:/bin:/usr/games Jul 28 10:07:19.069 [30562] dbg: util: executable for gpg was found at /usr/bin/gpg Jul 28 10:07:19.069 [30562] dbg: gpg: found /usr/bin/gpg Jul 28 10:07:19.069 [30562] dbg: gpg: release trusted key id list: 5E541DC959CB8BAC7C78DFDC4056A61A5244EC45 0C2B1D7175B852C64B3CDC716C55397824F434CE Jul 28 10:07:19.069 [30562] dbg: channel: attempting channel updates.spamassassin.org Jul 28 10:07:19.070 [30562] dbg: channel: using existing directory /var/lib/spamassassin/3.004000/updates_spamassassin_org Jul 28 10:07:19.070 [30562] dbg: channel: channel cf file /var/lib/spamassassin/3.004000/updates_spamassassin_org.cf Jul 28 10:07:19.070 [30562] dbg: channel: channel pre file /var/lib/spamassassin/3.004000/updates_spamassassin_org.pre Jul 28 10:07:19.070 [30562] dbg: channel: metadata version = 1613581, from file /var/lib/spamassassin/3.004000/updates_spamassassin_org.cf Jul 28 10:07:19.093 [30562] dbg: dns: 0.4.3.updates.spamassassin.org = 1613764, parsed as 1613764 Jul 28 10:07:19.093 [30562] dbg: channel: preparing temp directory for
Re: Ready to throw in the towel on email providing...
Hi, Just lost another one, dammit. Small company with about 6 mailboxes who some consultant gave them a song and dance about how Gmail's such a better mail service since they don't get any spam The trend towards email service providers for companies to host their mailboxes has been accelerating for about the past 6 to 12 months. I don't know whether there was any specific trigger (Exchange version upgrade-related, possibly?). The specific trigger is in 2012 Microsoft announced SBS would be terminated. (SBS 2011) is the last. For a company to field exchange 2012 server for 5 people is about $20K. That is licensing, server hardware and expertise to put it together. Our other consultancy is a windows shop and we can roll these if anyone wants them. When SBS 2011 shipped you could do Exchange for 5 users for around $5K for the licensing and hardware and expertise. I'm not going to go into the technical changes Microsoft made in the new version of Exchange that tripled the costs, just trust me they are there. A couple years ago we sold around 6 exchange servers a year. Once MS graduated everyone to the new version of exchange, we haven't sold any. Sold SB Essentials but that's not Exchange. We recently lost a small-business customer to Comcast. They have about 150 employees and needed better collaboration tools, calendaring, contacts, and shared resources which we really can't provide with just open source tools. Comcast was offering all of this with spam/virus for like $400/mo or less. We just can't compete in that market. Much of our business now is front-ending Exchange. However, another problem we're experiencing is that, with the latest Exchange, is no more IMAP/POP to public folders, so there's no real way for us to receive spam/ham samples for analysis from them over the Internet. Ideas for solving this problem would be appreciated. For the issue regarding users going to Gmail, I like to dig up problems with their service that people from notable companies have had, or articles from PC Week, and the like, about service outages, lost email, data-mining and privacy issues, etc. Our users want regular reports, but the actual end-users never really see that. It's only some levels of management that ever see it, and I don't think they really have a concept of just how much spam they would be receiving. We're in a commodity business. It's no longer the efficacy that differentiates us - it's service, price, privacy, features (user tools, webmail, mobile capabilities), etc. Regards, Alex
Re: Ready to throw in the towel on email providing...
On 2014-07-28 12:40, Daniel Reynolds wrote: What you could do, is send a regular (weekly or monthly) spam report that tells your customers how many emails that were blocked vs the number of ham emails and other such statistics. We quarantine mail that is between our target threshold and 10 points, above that we reject at the SMTP level. The quarantine report is sent daily. This approach works well for two reasons, #1 is definitely marketing, #2 is that it makes users feel like our spam filter isn't blocking anything they wanted. Sure, if we did quarantine something a user wanted, they might want to release it. Last I looked, there's a single digit number of quarantine releases per month, despite the fact that it's a single un-authenticated click from the email in their mailbox. I do really believe that it makes users feel happier about the handful of spam that does make it into their mailbox when they see even a percentage of the stuff that didn't make it -- And it's a small percentage, a vast majority is rejected outright. (Also, take my numbers with a grain of salt, my spam filtering system is comprised of more than just SpamAssassin, SA's score is directly added to various other rules for the final decision) -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren
Re: Ready to throw in the towel on email providing...
On 2014-07-28 10:56, Mauricio Tavares wrote: I think there is also the tolerance level people have depending on who they are dealing with. If they are dealing with a smaller/local company, they expect 24/7 support and solutions for problems before said problems are even conceived. While that's sometimes true, as a very small service provider, a lot of my customers appreciate that they're speaking to a person and not a department, and it allows me to to provide solutions to customers based on /their/ needs rather than their demographic's needs. But as with so many other markets, most customers will opt for a bigger, generic level of solution rather than going for a small local business when it can save them a few dollars. Google, Office 365 and Outlook.com are the Walmart of our industry, and that's okay, there's still room for competition, but you do have to work a lot harder at areas that the big guys can't compete with. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren
Re: Ready to throw in the towel on email providing...
On Mon, 28 Jul 2014 12:57:38 -0400 David F. Skoll d...@roaringpenguin.com wrote: David 1) Gmail is actually pretty good at filtering spam. I can't David speak for MSFT since I don't use it. David 2) Especially in North America, companies are short-sighted and David go for quick fixes and things that look cheap up-front without David considering the long-term costs. David 3) Especially in North America, people don't see the value in David learning technology. They want simple, spoon-fed solutions and David they love the word oursourcing. Sorry if (2) and (3) are not David PC, but the slag against North Americans is based on my personal David experience. :) And hey, I'm Canadian so I can dis my own crowd... David 4) Most non-technical small businesses equate Mail Server with David Microsoft Exchange, and Microsoft has steadily been making David Exchange more and more of a PITA to administer. Each new version David of Exchange breaks things and requires learning new procedures. David Combine that with (3) and we see that MSFT is using on-premise David Exchange as a trojan horse to get people on O-365. The huge pool David of managed service providers that recommend MSFT solutions is David by-and-large staffed by incompetents who are only too happy to David shove their customers onto O-365 and collect kickbacks every David month. Good summary, but I think you forgot (5): They have prettier icons. I am not 100% kidding, either. -- Please *no* private copies of mailing list or newsgroup messages.
Re: Ready to throw in the towel on email providing...
My church decided to go with O-365, without even evaluating any alternatives. We have an unemployed IT person that talked the staff into this, even though I've offered to implement a real e-mail solution multiple times, and even provide hardware to run it on. free was the biggest draw, then no administration. *sigh*. jay plesset IT, dp-design.com On 7/28/2014 3:49 PM, Ian Zimmerman wrote: On Mon, 28 Jul 2014 12:57:38 -0400 David F. Skoll d...@roaringpenguin.com wrote: David 1) Gmail is actually pretty good at filtering spam. I can't David speak for MSFT since I don't use it. David 2) Especially in North America, companies are short-sighted and David go for quick fixes and things that look cheap up-front without David considering the long-term costs. David 3) Especially in North America, people don't see the value in David learning technology. They want simple, spoon-fed solutions and David they love the word oursourcing. Sorry if (2) and (3) are not David PC, but the slag against North Americans is based on my personal David experience. :) And hey, I'm Canadian so I can dis my own crowd... David 4) Most non-technical small businesses equate Mail Server with David Microsoft Exchange, and Microsoft has steadily been making David Exchange more and more of a PITA to administer. Each new version David of Exchange breaks things and requires learning new procedures. David Combine that with (3) and we see that MSFT is using on-premise David Exchange as a trojan horse to get people on O-365. The huge pool David of managed service providers that recommend MSFT solutions is David by-and-large staffed by incompetents who are only too happy to David shove their customers onto O-365 and collect kickbacks every David month. Good summary, but I think you forgot (5): They have prettier icons. I am not 100% kidding, either.
Re: Ready to throw in the towel on email providing...
On Mon, 28 Jul 2014, Ian Zimmerman wrote: Good summary, but I think you forgot (5): They have prettier icons. I am not 100% kidding, either. Oh, god yes. Sadly my sigmonster isn't on the ball, so I had to give it a poke... (h/t to Steve, if he's still around) -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- End users want eye candy and the ooo's and hhh's experience when reading mail. To them email isn't a tool, but an entertainment form. -- Steve Lake --- 8 days until the 279th anniversary of John Peter Zenger's acquittal